B

Salesforce MCP Server

Salesforce's official hosted MCP servers (GA April 2026) for SObject CRUD, Data 360, Tableau Next, plus custom servers exposing Flows, Apex, and Prompt Builder templates. Per-user OAuth 2.0 + PKCE via an External Client App (scopes mcp_api, refresh_token); enforces each user's CRUD, field-level security, and sharing. The server URL is per-org (obtained from Setup). Replaces the community tsmztech/mcp-server-salesforce listing. Note: scores other than authentication are a provisional assessment from Salesforce's documentation pending a live tool-level audit.

Overall Score76/100

Score Breakdown

Server Info

Package
Per-org my.salesforce.com URL (Setup - Salesforce Servers)
Registry
remote
Maintainer
SalesforceVendor
Category
CRM & Sales
Tags
crmsalesenterprisehostedoauth
Last Scanned
7 Apr 2026

Findings

4 issues

Authentication & Identity

LOWImplements MCP OAuth spec for per-user authentication

Official Salesforce-hosted remote MCP (GA 2026-04-29, Enterprise Edition and above). Per-user OAuth 2.0 with PKCE via an External Client App, requiring the mcp_api and refresh_token scopes; there are no anonymous service accounts and every request enforces the user's CRUD, field-level security, and record sharing. The server URL is per-org (a my.salesforce.com domain) activated from Setup.

Remediation

Document the required OAuth scopes for each tool.

Tool Schema Quality

MEDIUMTool schemas not independently audited

The hosted server has no public source repository, so tool input schemas, required fields, and parameter constraints could not be verified directly. Provisional score pending a live tool-level audit.

Remediation

Run a live audit against the hosted endpoint to enumerate and score tool schemas.

Permission Granularity

LOWEnforces per-user CRUD, FLS, and sharing

Every request runs as the authenticated user and enforces Salesforce CRUD, field-level security, and record sharing; standard servers separate read/mutation/delete SObject tools. Per-tool scope detail was not independently verified.

Remediation

Publish per-tool permission requirements.

Data Exposure

MEDIUMPagination and field selection not verified

Whether list operations paginate and support field selection could not be verified without a live audit of the hosted tool surface.

Remediation

Audit list operations for pagination and field-selection support.

Deploy Salesforce MCP Server securely

CompleteFlow adds per-user authentication, permission scoping, and audit logging to any MCP server out of the box.

Deploy on CompleteFlow